Di seguito sono consultabili le note di rilascio - in gergo "release notes" - relative al file PuTTY 0.72, nel caso in cui gli sviluppatori abbiano reso disponibile tale documentazione in occasione della pubblicazione del software. Tuttavia, se hai bisogno di maggiori informazioni su PuTTY 0.72, o se le note di rilascio non sono (ancora) disponibili, è comunque possibile procedere con la lettura della descrizione del file. |
- Security fixes found by the EU-funded bug bounty:
- two separate vulnerabilities affecting the obsolete SSH-1 protocol, both available before host key checking
- a vulnerability in all the SSH client tools (PuTTY, Plink, PSFTP and PSCP) if a malicious program can impersonate Pageant
- Bug fix: crash in GSSAPI / Kerberos key exchange affecting third-party GSSAPI providers on Windows (such as MIT Kerberos for Windows)
- Bug fix: crash in GSSAPI / Kerberos key exchange triggered if the server provided an ordinary SSH host key as part of the exchange
- Bug fix: trust sigils were never turned off in SSH-1 or Rlogin
- Bug fix: trust sigils were never turned back on if you used Restart Session
- Bug fix: PSCP in SCP download mode could create files with a spurious newline at the end of their names
- Bug fix: PSCP in SCP download mode with the
-p option would generate spurious complaints about illegal file renaming
- Bug fix: the initial instruction message was never printed during SSH
keyboard-interactive authentication
- Bug fix: pasting very long lines through connection sharing could crash the downstream PuTTY window
- Bug fix: in keyboard layouts with a ',' key on the numeric keypad (e.g. German), Windows PuTTY would generate '.' instead for that key
- Bug fix: PuTTYgen could generate RSA keys with a modulus one bit shorter than requested
|
|